I’ll be livestreaming starting at 10am sharp, making an attempt at beating TMNT 1 for the NES with a ten hour timelimit. No glitches, no level select code, but I’ll be (sparingly) using save states on my way through to save my ass in case of issues (e.g. emulator crashes or other system issues, etc).

As this will be my first run at the game in 15 years, I’ll make use of maps so I don’t flounder too badly.

The things I do in service of science! All of this is a backer “reward” for our DIY Science Zone fundraising this year, for Geek Girl Con, where I’ll be running demonstrations on the game Zombie Dice and how know when to hold ’em (brains), know when to shamble away and know when to chomp.

Here’s the donation form. We bring science demos to kids on an all-volunteer basis, and the cost helps pay for this zone — without this annual fundraising, we couldn’t continue this excellent annual tradition of getting the kids who visit Geek Girl Con excited about STEM fields!

As part of the DIY Science Zone fundraising for Geek Girl Con, we set a number of fundraising goals wherein our amateur and professional scientists offer self-torture as incentive. This year I’ll be reprising my demos on randomness and probability, only this time I’ll be doing it in context of Zombie Dice, as a tie-in with the Gaming Zone. This is going to be a ton of fun! And brains. Lots of brains.

As part of our $1500 fundraising goal, I agreed to live-tweet Battlefield Earth. Whaaaaaat a stinker. A meandering mess of displays of every baser human instinct, written by that same guy who founded that one religion. You know the one.

A few Mock The Movie stalwarts voluntarily threw themselves on my pyre in solidarity. I am Hashtag-Blessed to find myself among such friends and/or fellow masochists.

Once the fundraiser hits $3000, this year I’ll be doing a twitch stream long-play of the original Teenage Mutant Ninja Turtles for NES. I haven’t played it in at least fifteen years. I promise I’ll be rusty as hell and will likely die a lot. Hooray! If you want to help get us there, here’s the donation form. We bring science demos to kids on an all-volunteer basis, and the cost helps pay for this zone — without this annual fundraising, we couldn’t continue this excellent annual tradition of getting the kids who visit Geek Girl Con excited about STEM fields!

Okay, so let’s start trying to get this archive back up to date. I have no idea how long it’ll be before I get all the transcripts up, but, here you are: Tough And Deadly, a Billy Blanks and Roddy Piper joint, brackets TM close brackets.

As this is their second outing together, they have apparently developed something of a rapport with one another that none of the mockers could help but appreciate. I recall this as being a fun movie and something of a palate cleanser after Ray Burks subjected me to Glitter.

Folks, that is what I am having for lunch today. Only Canadians or Canadian-adjacent people know the comparative glory of this particular no-name-brand boxed mac and cheese. If Kraft Dinner ain’t your thing, this is not an alternative to take lightly.

I order it from Canada by the case.

Yes, seriously.

And no, before you ask, the President’s Choice imprimateur shouldn’t be Prime Minister, because it’s the president of the grocery company they’re referring to. This is the Loblaws (and other grocery chains) store brand.

There are a number of reasons why I couldn’t, but the biggest reason is, there’s a meta-narrative woven into the texture of the game that works in such a way that I can’t bring myself to actually press that reset button.

This game is impossible to discuss from a morality standpoint without heavy, HEAVY spoiling. If you haven’t played it, it’s $10, it’ll take you about 10 hrs to play through to the “good ending”, and longer if you decide you want to also see the “bad ending”. And it is worth literally every penny, I swear to you. If you are a video gamer of at least the SNES era, this is aimed square at you — you are its target audience, and it’s a love letter to everything you love about video games. But the why of it all, I honestly can’t tell you without spoiling the game, so I’ll be doing this below the fold.

Frivolous Fridays are the Orbit bloggers’ excuse to post about fun things we care a lot about that may not necessarily have serious implications for politics or social justice. Although any day is a good day to write about our passions outside of social issues, we sometimes have a hard time giving ourselves permission to do that. This is our way of encouraging each other to take a break from serious topics and have some fun.

I have a confession to make. A totally PG, totally legal, totally “nothing to be ashamed of” confession, that’ll likely make the majority of you scoff and say “so?” and some other fraction of you decide this isn’t the post for you.

For those of you who have difficulty reading seriffed fonts, or who would prefer to use the OpenDyslexic font but aren’t on a computer you control, we’ve installed the ability to switch all the fonts on the site to something a little more readable for you.

Caveats:

– You must be logged in to the site, or else we don’t know to deliver the pages to you in that font. You may log in either with local credentials, or via the WordPress.com Single Sign On.
– This obviously only affects fonts that are text, not ones that are part of images like blog banners, etc.

When you’re logged in, click the Key icon and click Edit my profile. Or, go here.ETA: that will only work for some small fraction of you — best to use the key link or the WP Admin bar where it says “Howdy, Yourname”.) Choose an option (probably to use on both the website and the admin) under the OpenDyslexic header, scroll to the bottom, and click “update”.

From then on, any time you’re logged into the site under your account, you’ll have all the pages rendered to you with the OpenDyslexic font, like so:

Additionally, since apparently this is not common knowledge among those who have need for such options, most modern browsers provide you with the ability to change the font size on the page you’re viewing. Either hold the Ctrl (or Command on a Mac) key on your keyboard, and use the mousewheel to zoom in and out, or hold Control and hit the Plus or Minus keys (next to the Backspace/Delete key, or on your number pad). This will work in Internet Explorer, Edge, Chrome/ium, Opera, Firefox and Safari, though the specific key combination may be different in your version, so look around in the View menu. Those of you who feel the font is too large (or, at least in one case, too SMALL, despite our default being significantly larger than many other sites) are encouraged to use that zoom function to set your browser settings to something comfortably readable. If you’re absolutely stumped for how to do so, let me know what browser you’re in, and I’ll try to find an option for you.

We take accessibility concerns very seriously here, and if you have any issues to report, please let us know however you can — either in comments on this post, by the email I’ve provided in my header, or by the tech issues form, for instance, but I’ll take bug reports by carrier pigeon if need be. We can’t accommodate every request, especially conflicting requests, so we aren’t about to make radical changes to our default theme that may alienate some other users without a very compelling reason to do so (so please keep your “can you change all the fonts everywhere to Papyrus 64pt red on dark-red” troll requests to yourselves, thanks!), but any issues with, for instance, screen reader software can be dealt with without impacting other readers negatively.

Cloudflare is a reverse proxy service that protects hundreds of thousands of websites, The Orbit included, from attacks like DDoS, spam, brute force, and various other exploits. Without it, in the adversarial environment that the Internet happens to be for social justice oriented folks, we would be crushed under the weight of people desiring to silence us. So, they’re doing us a great service, and we are indebted to them.

Yesterday, after a major vulnerability was discovered in the Cloudflare plugin for WordPress, which could allow sites to be cross-site scripted (a method that might allow you to inject bad code into a site “from the side”), it seems as though they panicked and decided to encode *all* POST and GET data, which caused a major set of problems. People trying to edit posts found every non-alphanumeric character turned into an HTML entity (“&colon;” instead of “:” for instance). Then those entities were being reencoded again (“&amp;colon&semi;”).

Over and over and on and on, the posts were getting more and more corrupted. And that wasn’t the only thing that was busted — admins were being told they didn’t have permissions to access certain pages, because the links to those pages were having parts of themselves converted to HTML entities as well. End users could see the site, but admins were fully hamstrung. Greta was working on Steven Universe episode 8 and got stopped short, emailed me to find out what broke, and to my horror, the auto-updated plugin for Cloudflare was actually hampering my ability to do anything in the WordPress admin. I thought we were in serious trouble, but I tracked it back to the plugin which had just updated to version 1.3.21. I pulled out an older version from Sunday’s backups, 1.3.20, and the problem was resolved. Then I found out WHY they’d updated it, and apparently there are such hacks in the wild right now.

So. Rather than risk getting us hacked, when they quickly released 1.3.22 to fix how they broke half of WordPress, I let it install that version.

Overnight, they’ve since updated to 1.3.23 to fix how they send things back to Cloudflare to pre-detect spam. So they made a giant mess and they’re clawing back at it right now.

There’s a problem that several people are reporting presently, that they can’t post comments while not logged in by submitting their email addresses — because the email address never validates. Clearly this is because the Cloudflare plugin is trying to sanitize that variable as well, incorrectly. Other blogs are also having this issue, as seen here: ERROR: The email address isn’t correct. (4 posts) and here: ERROR: The email address isn’t correct. (3 posts). This problem isn’t just impacting The Orbit, but any WordPress site that uses Cloudflare.

But because of the terrible nature of what they’re fixing here, we kind of have to ride out this storm. I could try to implement my own bugfix for this, e.g. by removing email address validation, but that would have other negative impacts on the rest of the site.

For now, please log in to make comments. Sorry for the inconvenience. Hopefully they’ll fix this issue too, as soon as possible.

This is a disaster and it was entirely avoidable through proper QA of the plugin before it being released. The rapid fire nature of the plugin updates speaks to a sort of panic to address the initial vulnerability, which is laudable, but a lack of foresight as to what kind of impact specific changes might make to the rest of the service. Those of us who rely on the plugin should not be stuck choosing between being hacked, being entirely unprotected against DDoS and spam, or having people be able to comment.

UPDATE: they released an update which properly namespaces their variables and only sanitizes those variables, so things should finally be under control. This is why you don’t release plugin updates into production without testing.